{"id":25214050,"url":"https://github.com/kaalpanikh/dockerized-service-deployment","last_synced_at":"2026-04-02T03:09:29.178Z","repository":{"id":276764067,"uuid":"930212689","full_name":"kaalpanikh/dockerized-service-deployment","owner":"kaalpanikh","description":"Secure Node.js service with Docker, Ansible \u0026 GitHub Actions CI/CD pipeline for automated cloud deployment","archived":false,"fork":false,"pushed_at":"2025-02-10T10:08:40.000Z","size":12,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-01-03T16:21:04.673Z","etag":null,"topics":["ansible","aws","configuration-management","docker","github-actions","github-registry","iac","nginx","nodejs","roadmap-sh"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/kaalpanikh.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-02-10T09:10:15.000Z","updated_at":"2025-02-10T10:14:55.000Z","dependencies_parsed_at":"2025-02-10T10:28:37.219Z","dependency_job_id":"df970052-8a4e-4dc5-8d0e-c3480ded70c4","html_url":"https://github.com/kaalpanikh/dockerized-service-deployment","commit_stats":null,"previous_names":["kaalpanikh/dockerized-service-deployment"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/kaalpanikh/dockerized-service-deployment","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kaalpanikh%2Fdockerized-service-deployment","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kaalpanikh%2Fdockerized-service-deployment/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kaalpanikh%2Fdockerized-service-deployment/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kaalpanikh%2Fdockerized-service-deployment/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/kaalpanikh","download_url":"https://codeload.github.com/kaalpanikh/dockerized-service-deployment/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kaalpanikh%2Fdockerized-service-deployment/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31294883,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-02T01:43:37.129Z","status":"online","status_checked_at":"2026-04-02T02:00:08.535Z","response_time":89,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","aws","configuration-management","docker","github-actions","github-registry","iac","nginx","nodejs","roadmap-sh"],"created_at":"2025-02-10T16:58:19.601Z","updated_at":"2026-04-02T03:09:29.160Z","avatar_url":"https://github.com/kaalpanikh.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Dockerized Service Deployment\n\nThis project implements a complete CI/CD pipeline for deploying a Dockerized Node.js service using Ansible and GitHub Actions. It follows the project requirements from [roadmap.sh's Dockerized Service Deployment project](https://roadmap.sh/projects/dockerized-service-deployment) with some additional enhancements.\n\n## Project Overview\n\nWe built a Node.js service that:\n- Serves a \"Hello, world!\" message at the root endpoint\n- Has a protected `/secret` endpoint with Basic Authentication\n- Includes a `/health` endpoint for health checks\n- Is containerized using Docker\n- Is deployed using Ansible and GitHub Actions\n- Uses Nginx as a reverse proxy\n\n## Implementation Details\n\n### 1. Node.js Application (`/app`)\n```javascript\n// Basic Express app with three endpoints:\n- GET /         → Returns \"Hello, world!\"\n- GET /secret   → Protected endpoint (Basic Auth)\n- GET /health   → Health check endpoint\n```\n\n### 2. Docker Configuration\n- Created `Dockerfile` for the Node.js application\n- Multi-stage build for optimized image size\n- Uses Node.js 18 Alpine base image\n- Proper security practices (non-root user, minimal dependencies)\n\n### 3. Ansible Setup (`/ansible`)\n- Created playbooks for automated deployment:\n  - `docker-setup.yml`: Installs Docker and Nginx\n  - `inventory.ini`: Defines control and target nodes\n  - `templates/nginx.conf.j2`: Nginx configuration template\n\n### 4. GitHub Actions Workflow (`.github/workflows`)\n- Automated CI/CD pipeline that:\n  - Builds Docker image\n  - Pushes to GitHub Container Registry\n  - Deploys to target EC2 instance\n  - Uses secrets for secure credential management\n\n### 5. Additional Features\n- **Enhanced Security**:\n  - UFW firewall configuration\n  - Proper permission management\n  - Environment variable handling\n- **Infrastructure Management**:\n  - Separate control and target nodes\n  - Nginx reverse proxy setup\n  - Docker container lifecycle management\n\n## Project Structure\n```\ndockerized-service-deployment/\n├── app/\n│   ├── app.js              # Main application code\n│   ├── Dockerfile          # Docker configuration\n│   ├── package.json        # Node.js dependencies\n│   └── .env.example        # Environment variables template\n├── ansible/\n│   ├── docker-setup.yml    # Ansible playbook\n│   ├── inventory.ini       # Server inventory\n│   └── templates/\n│       └── nginx.conf.j2   # Nginx configuration template\n├── .github/\n│   └── workflows/\n│       └── deploy.yml      # GitHub Actions workflow\n└── README.md              # Project documentation\n```\n\n## Implementation Steps\n\n1. **Application Development**\n   ```bash\n   # Initialize Node.js project\n   npm init -y\n   npm install express basic-auth\n   ```\n\n2. **Docker Configuration**\n   ```dockerfile\n   # Multi-stage build\n   FROM node:18-alpine AS builder\n   WORKDIR /app\n   COPY package*.json ./\n   RUN npm ci\n   COPY . .\n\n   FROM node:18-alpine\n   WORKDIR /app\n   COPY --from=builder /app .\n   EXPOSE 3000\n   CMD [\"node\", \"app.js\"]\n   ```\n\n3. **Ansible Setup**\n   ```yaml\n   # docker-setup.yml\n   - name: Setup Docker and Nginx\n     hosts: target\n     become: yes\n     tasks:\n       - name: Install Docker\n       - name: Configure Nginx\n       - name: Deploy application\n   ```\n\n4. **GitHub Actions Configuration**\n   ```yaml\n   # deploy.yml\n   name: Deploy Dockerized Service\n   on:\n     push:\n       branches: [ main ]\n   jobs:\n     build-and-deploy:\n       runs-on: ubuntu-latest\n       steps:\n         - uses: actions/checkout@v2\n         - name: Build and push Docker image\n         - name: Deploy to target node\n   ```\n\n## Proof of Implementation\n\nHere are the test results showing our working implementation:\n\n1. **Health Check Endpoint**\n```json\n// GET http://34.238.146.221:3000/health\n{\"status\":\"healthy\",\"timestamp\":\"2025-02-10T09:58:17.768Z\"}\n```\n\n2. **Root Endpoint**\n```json\n// GET http://34.238.146.221:3000/\n{\"message\":\"Hello, world!\",\"timestamp\":\"2025-02-10T09:58:26.676Z\"}\n```\n\n3. **Protected Endpoint**\n```json\n// GET http://34.238.146.221:3000/secret (with Basic Auth)\n{\"message\":\"'This is a secret message'\",\"timestamp\":\"2025-02-10T09:58:35.283Z\"}\n```\n\n## Learning Outcomes\n\n1. **Docker Best Practices**\n   - Multi-stage builds\n   - Security considerations\n   - Environment variable management\n\n2. **Ansible Automation**\n   - Infrastructure as Code\n   - Configuration management\n   - Role-based automation\n\n3. **CI/CD with GitHub Actions**\n   - Automated workflows\n   - Secret management\n   - Container registry integration\n\n4. **Security Considerations**\n   - Basic Authentication\n   - Environment variables\n   - Firewall configuration (UFW)\n   - Nginx as reverse proxy\n\n5. **Infrastructure Management**\n   - AWS EC2 instance management\n   - Network security groups\n   - SSH key management\n\n## Challenges Faced and Solutions\n\n1. **Port Access Issues**\n   - Problem: Application not accessible after deployment\n   - Solution: Configured both UFW and AWS security groups\n\n2. **Process Management**\n   - Problem: Port conflicts with existing processes\n   - Solution: Proper process cleanup and Docker container management\n\n3. **GitHub Actions Authentication**\n   - Problem: Container registry access\n   - Solution: Proper secret management and permissions\n\n## Project Page URL\n[roadmap.sh Dockerized Service Deployment](https://roadmap.sh/projects/dockerized-service-deployment)\n\n## Future Improvements\n1. Add HTTPS support with Let's Encrypt\n2. Implement container health checks\n3. Add monitoring and logging solutions\n4. Implement blue-green deployment strategy\n5. Add automated backups and disaster recovery","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkaalpanikh%2Fdockerized-service-deployment","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkaalpanikh%2Fdockerized-service-deployment","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkaalpanikh%2Fdockerized-service-deployment/lists"}